CVE-2006-5495 - OpenCVE

Multiple PHP remote file inclusion vulnerabilities in Trawler Web CMS 1.8.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) path_red2 parameter to (a) _msdazu_pdata/redaktion/artikel/up/index.php; (b) addtort.php, (c) colorpik2.php, (d) colorpik3.php, (e) extras_menu.php, (f) farbpalette.php, (g) lese_inc.php, and (h) newfile.php in _msdazu_share/richtext/; the (2) path_scr_dat2 parameter to (i)_msdazu_share/share/insert1.php; the (3) path_red parameter to (j) _msdazu_share/extras/downloads/index.php; and unspecified parameters in other files.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Trawler	Trawler Web Cms

Configuration 1 [-]

cpe:2.3:a:trawler:trawler_web_cms:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://cmsblog.msdazu.de/?p=209
http://secunia.com/advisories/22525
http://securitytracker.com/id?1017111
http://www.osvdb.org/29960
http://www.osvdb.org/29961
http://www.osvdb.org/29962
http://www.osvdb.org/29963
http://www.osvdb.org/29964
http://www.osvdb.org/29965
http://www.osvdb.org/29966
http://www.osvdb.org/29967
http://www.osvdb.org/29968
http://www.osvdb.org/29969
http://www.securityfocus.com/archive/1/449459/100/0/threaded
http://www.securityfocus.com/bid/20662
http://www.securityfocus.com/bid/20678
http://www.vupen.com/english/advisories/2006/4152
https://exchange.xforce.ibmcloud.com/vulnerabilities/29715
https://www.exploit-db.com/exploits/2611

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-10-25T10:00:00

Updated: 2024-08-07T19:55:52.762Z

Reserved: 2006-10-24T00:00:00

Link: CVE-2006-5495

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-10-25T10:07:00.000

Modified: 2018-10-17T21:43:35.157

Link: CVE-2006-5495

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-10-21T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple PHP remote file inclusion vulnerabilities in Trawler Web CMS 1.8.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) path_red2 parameter to (a) _msdazu_pdata/redaktion/artikel/up/index.php; (b) addtort.php, (c) colorpik2.php, (d) colorpik3.php, (e) extras_menu.php, (f) farbpalette.php, (g) lese_inc.php, and (h) newfile.php in _msdazu_share/richtext/; the (2) path_scr_dat2 parameter to (i)_msdazu_share/share/insert1.php; the (3) path_red parameter to (j) _msdazu_share/extras/downloads/index.php; and unspecified parameters in other files."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "29963", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/29963"}, {"name": "29968", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/29968"}, {"name": "29964", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/29964"}, {"name": "29960", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/29960"}, {"name": "20678", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20678"}, {"name": "22525", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/22525"}, {"name": "2611", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/2611"}, {"name": "1017111", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017111"}, {"name": "29961", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/29961"}, {"name": "29966", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/29966"}, {"tags": ["x_refsource_MISC"], "url": "http://cmsblog.msdazu.de/?p=209"}, {"name": "29969", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/29969"}, {"name": "trawler-pathred-file-include(29715)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29715"}, {"name": "29962", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/29962"}, {"name": "ADV-2006-4152", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4152"}, {"name": "20662", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20662"}, {"name": "29965", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/29965"}, {"name": "20061021 trawler <= 1.8.1 Remote File Inclusion", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/449459/100/0/threaded"}, {"name": "29967", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/29967"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-5495", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple PHP remote file inclusion vulnerabilities in Trawler Web CMS 1.8.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) path_red2 parameter to (a) _msdazu_pdata/redaktion/artikel/up/index.php; (b) addtort.php, (c) colorpik2.php, (d) colorpik3.php, (e) extras_menu.php, (f) farbpalette.php, (g) lese_inc.php, and (h) newfile.php in _msdazu_share/richtext/; the (2) path_scr_dat2 parameter to (i)_msdazu_share/share/insert1.php; the (3) path_red parameter to (j) _msdazu_share/extras/downloads/index.php; and unspecified parameters in other files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "29963", "refsource": "OSVDB", "url": "http://www.osvdb.org/29963"}, {"name": "29968", "refsource": "OSVDB", "url": "http://www.osvdb.org/29968"}, {"name": "29964", "refsource": "OSVDB", "url": "http://www.osvdb.org/29964"}, {"name": "29960", "refsource": "OSVDB", "url": "http://www.osvdb.org/29960"}, {"name": "20678", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20678"}, {"name": "22525", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22525"}, {"name": "2611", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/2611"}, {"name": "1017111", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017111"}, {"name": "29961", "refsource": "OSVDB", "url": "http://www.osvdb.org/29961"}, {"name": "29966", "refsource": "OSVDB", "url": "http://www.osvdb.org/29966"}, {"name": "http://cmsblog.msdazu.de/?p=209", "refsource": "MISC", "url": "http://cmsblog.msdazu.de/?p=209"}, {"name": "29969", "refsource": "OSVDB", "url": "http://www.osvdb.org/29969"}, {"name": "trawler-pathred-file-include(29715)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29715"}, {"name": "29962", "refsource": "OSVDB", "url": "http://www.osvdb.org/29962"}, {"name": "ADV-2006-4152", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4152"}, {"name": "20662", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20662"}, {"name": "29965", "refsource": "OSVDB", "url": "http://www.osvdb.org/29965"}, {"name": "20061021 trawler <= 1.8.1 Remote File Inclusion", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/449459/100/0/threaded"}, {"name": "29967", "refsource": "OSVDB", "url": "http://www.osvdb.org/29967"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T19:55:52.762Z"}, "title": "CVE Program Container", "references": [{"name": "29963", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/29963"}, {"name": "29968", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/29968"}, {"name": "29964", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/29964"}, {"name": "29960", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/29960"}, {"name": "20678", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20678"}, {"name": "22525", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/22525"}, {"name": "2611", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/2611"}, {"name": "1017111", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017111"}, {"name": "29961", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/29961"}, {"name": "29966", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/29966"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://cmsblog.msdazu.de/?p=209"}, {"name": "29969", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/29969"}, {"name": "trawler-pathred-file-include(29715)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29715"}, {"name": "29962", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/29962"}, {"name": "ADV-2006-4152", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4152"}, {"name": "20662", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20662"}, {"name": "29965", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/29965"}, {"name": "20061021 trawler <= 1.8.1 Remote File Inclusion", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/449459/100/0/threaded"}, {"name": "29967", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/29967"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-5495", "datePublished": "2006-10-25T10:00:00", "dateReserved": "2006-10-24T00:00:00", "dateUpdated": "2024-08-07T19:55:52.762Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trawler:trawler_web_cms:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD260448-9823-48E0-B3E2-02839502B071", "versionEndIncluding": "1.8.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple PHP remote file inclusion vulnerabilities in Trawler Web CMS 1.8.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) path_red2 parameter to (a) _msdazu_pdata/redaktion/artikel/up/index.php; (b) addtort.php, (c) colorpik2.php, (d) colorpik3.php, (e) extras_menu.php, (f) farbpalette.php, (g) lese_inc.php, and (h) newfile.php in _msdazu_share/richtext/; the (2) path_scr_dat2 parameter to (i)_msdazu_share/share/insert1.php; the (3) path_red parameter to (j) _msdazu_share/extras/downloads/index.php; and unspecified parameters in other files."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inclusi\u00f3n remota de archivos de PHP en Trawler Web CMS 1.8.1 y versiones anteriores, permiten a atacantes remotos la ejecuci\u00f3n de c\u00f3digo PHP de su elecci\u00f3n a trav\u00e9s de una URL en el par\u00e1metro (1) path_red2 en los archivos (a) _msdazu_pdata/redaktion/artikel/up/index.php; (b) addtort.php, (c) colorpik2.php, (d) colorpik3.php, (e) extras_menu.php, (f) farbpalette.php, (g) lese_inc.php, y (h) newfile.php en _msdazu_share/richtext/; el par\u00e1metro (2) path_scr_dat2 en los archivos (i)_msdazu_share/share/insert1.php; el par\u00e1metro (3) path_red parameter en los archivos (j) _msdazu_share/extras/downloads/index.php; y otros par\u00e1metros sin especificar en otros archivos."}], "id": "CVE-2006-5495", "lastModified": "2018-10-17T21:43:35.157", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-10-25T10:07:00.000", "references": [{"source": "cve@mitre.org", "url": "http://cmsblog.msdazu.de/?p=209"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/22525"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017111"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/29960"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/29961"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/29962"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/29963"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/29964"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/29965"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/29966"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/29967"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/29968"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/29969"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/449459/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/20662"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/20678"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/4152"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29715"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/2611"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}